Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <fc1c5675-034b-bf5b-ba2b-6be06e03b458@digikod.net>
Date: Thu, 15 Oct 2020 14:31:58 +0200
From: Mickaël Salaün <mic@...ikod.net>
To: James Morris <jmorris@...ei.org>, "Serge E . Hallyn" <serge@...lyn.com>,
 Jonathan Corbet <corbet@....net>
Cc: linux-kernel@...r.kernel.org, Al Viro <viro@...iv.linux.org.uk>,
 Richard Weinberger <richard@....at>, Andy Lutomirski <luto@...capital.net>,
 Anton Ivanov <anton.ivanov@...bridgegreys.com>, Arnd Bergmann
 <arnd@...db.de>, Casey Schaufler <casey@...aufler-ca.com>,
 Jann Horn <jannh@...gle.com>, Jeff Dike <jdike@...toit.com>,
 Kees Cook <keescook@...omium.org>, Michael Kerrisk <mtk.manpages@...il.com>,
 Shuah Khan <shuah@...nel.org>,
 Vincent Dagonneau <vincent.dagonneau@....gouv.fr>,
 kernel-hardening@...ts.openwall.com, linux-api@...r.kernel.org,
 linux-arch@...r.kernel.org, linux-doc@...r.kernel.org,
 linux-fsdevel@...r.kernel.org, linux-kselftest@...r.kernel.org,
 linux-security-module@...r.kernel.org, x86@...nel.org,
 Mickaël Salaün <mic@...ux.microsoft.com>
Subject: Re: [PATCH v21 12/12] landlock: Add user and kernel documentation


On 08/10/2020 17:31, Mickaël Salaün wrote:
> From: Mickaël Salaün <mic@...ux.microsoft.com>
> 
> This documentation can be built with the Sphinx framework.
> 
> Cc: James Morris <jmorris@...ei.org>
> Cc: Jann Horn <jannh@...gle.com>
> Cc: Kees Cook <keescook@...omium.org>
> Cc: Serge E. Hallyn <serge@...lyn.com>
> Signed-off-by: Mickaël Salaün <mic@...ux.microsoft.com>
> Reviewed-by: Vincent Dagonneau <vincent.dagonneau@....gouv.fr>
> ---
> 
> Changes since v20:
> * Update examples and documentation with the new syscalls.
> 
> Changes since v19:
> * Update examples and documentation with the new syscalls.
> 
> Changes since v15:
> * Add current limitations.
> 
> Changes since v14:
> * Fix spelling (contributed by Randy Dunlap).
> * Extend documentation about inheritance and explain layer levels.
> * Remove the use of now-removed access rights.
> * Use GitHub links.
> * Improve kernel documentation.
> * Add section for tests.
> * Update example.
> 
> Changes since v13:
> * Rewrote the documentation according to the major revamp.
> 
> Previous changes:
> https://lore.kernel.org/lkml/20191104172146.30797-8-mic@digikod.net/
> ---
>  Documentation/security/index.rst           |   1 +
>  Documentation/security/landlock/index.rst  |  18 ++
>  Documentation/security/landlock/kernel.rst |  69 ++++++
>  Documentation/security/landlock/user.rst   | 242 +++++++++++++++++++++
>  4 files changed, 330 insertions(+)
>  create mode 100644 Documentation/security/landlock/index.rst
>  create mode 100644 Documentation/security/landlock/kernel.rst
>  create mode 100644 Documentation/security/landlock/user.rst
> 
> diff --git a/Documentation/security/index.rst b/Documentation/security/index.rst
> index 8129405eb2cc..e3f2bf4fef77 100644
> --- a/Documentation/security/index.rst
> +++ b/Documentation/security/index.rst
> @@ -16,3 +16,4 @@ Security Documentation
>     siphash
>     tpm/index
>     digsig
> +   landlock/index
> diff --git a/Documentation/security/landlock/index.rst b/Documentation/security/landlock/index.rst
> new file mode 100644
> index 000000000000..2520f8f33f5e
> --- /dev/null
> +++ b/Documentation/security/landlock/index.rst
> @@ -0,0 +1,18 @@
> +=========================================
> +Landlock LSM: unprivileged access control
> +=========================================
> +
> +:Author: Mickaël Salaün
> +
> +The goal of Landlock is to enable to restrict ambient rights (e.g.  global
> +filesystem access) for a set of processes.  Because Landlock is a stackable
> +LSM, it makes possible to create safe security sandboxes as new security layers
> +in addition to the existing system-wide access-controls. This kind of sandbox
> +is expected to help mitigate the security impact of bugs or
> +unexpected/malicious behaviors in user-space applications. Landlock empowers
> +any process, including unprivileged ones, to securely restrict themselves.
> +
> +.. toctree::
> +
> +    user
> +    kernel
> diff --git a/Documentation/security/landlock/kernel.rst b/Documentation/security/landlock/kernel.rst
> new file mode 100644
> index 000000000000..27c0933a0b6e
> --- /dev/null
> +++ b/Documentation/security/landlock/kernel.rst
> @@ -0,0 +1,69 @@
> +==============================
> +Landlock: kernel documentation
> +==============================
Cf. https://landlock.io/linux-doc/landlock-v21/security/landlock/kernel.html

I guess this is the good place for kernel API documentation.

> diff --git a/Documentation/security/landlock/user.rst b/Documentation/security/landlock/user.rst
> new file mode 100644
> index 000000000000..e6fbc75c1af1
> --- /dev/null
> +++ b/Documentation/security/landlock/user.rst
> @@ -0,0 +1,242 @@
> +=================================
> +Landlock: userspace documentation
> +=================================
Cf. https://landlock.io/linux-doc/landlock-v21/security/landlock/user.html

Shouldn't this go in Documentation/userspace-api/ instead?

Documentation/security/lsm-development.rst says that LSM documentation
should go to Documentation/admin-guide/LSM/ but this is not (like
seccomp) an admin documentation.
Should the Documentation/userspace-api/landlock.rst be linked from
Documentation/admin-guide/LSM/index.rst too?

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.